Finra pushes ahead with revised CARDS plan

Signaling that it is forging ahead with its data-driven enforcement initiatives, Finra on Monday unveiled a reworked version its controversial Comprehensive Automated Risk Data System.

A formal proposal could ready as soon as this summer.

“A properly designed CARDS is in the future,” Richard G. Ketchum, chief executive of the Financial Industry Regulatory Authority Inc., said in introducing the latest iteration of CARDS at the regulator's annual conference in Washington, D.C. “It will be transformational.”

After receiving hundreds of comment letters and criticism from the industry, Finra modified how it will collect data from its roughly 4,300 member firms. It will also stagger the rollout of CARDS.

As originally envisioned, CARDS would have required member firms to submit a standardized set of customer and product information through their clearing firm on a regular basis.

Under the reworked version, Finra members, nearly half of whom do not have a relationship with a clearing firm, would be able to submit that data through other means, including a service bureau or by sending information directly.

“It's not exactly Burger King's 'Have It Your Way,' but you will definitely have choices,” he said.

While most of the information must be submitted under a standard format, Finra plans to provide some leeway for how firms submit information about suitability. That's because firms tends to use different terminology to describe some client data, such as risk tolerance.

In addition, during the initial rollout, CARDS will not require firms to submit information about products that aren't held at the firm, such as variable annuities, direct participation programs and directly sold mutual funds, Mr. Ketchum said.

“In a later phase, we may collect this kind of product information through CARDS, but that collection would be pursuant to additional rule making,” he said.

Mr. Ketchum also reassured critics who said CARDS would propose a security risk since it would require Finra to hold large amounts of client information.

“Let me emphasize: this is nothing new for us,” he said. “Finra has been maintaining the highest security standards and safely hosting highly confidential broker data for decades now.”

Moreover, the regulator issued a separate clarification earlier this year saying that CARDS will not collect “personally identifiable information,” including names, addresses, tax IDs or social security numbers.

The proposal was issued as a “concept release,” and it still will have to be drafted and approved by Finra's board of directors and the Securities and Exchange Commission.

Mr. Ketchum did not provide a time frame for a new proposal to be drafted, although he said that the regulator had created a pilot program to help address additional concerns, such as the impact on a firm's bottom line.

He said that while the proposal may require additional compliance work at the outset, Finra's analysis of the data will allow its representatives to better communicate with firms about potential trouble spots.

“While CARDS won't replace the work done by your compliance department, it will strengthen and improve the effectiveness of the work,” he said. “After addressing startup costs, we can envision an environment down the road where CARDS would reduce costs for firms across the board.